You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

deadends when searching google about PUP.BundleInstaller.BI

Malwarebytes found PUP.BundleInstaller.BL to be part of HeliosPaint.exe. Initially I decided to ignore it but soon decided to remove it (by deletion of HeliosPaint.exe using Windows).

I tried a google search and found some links to information about PUP.BundleInstaller.BL, but when visiting the links, they were dead ends, giving no information. The HeliosPaint installer has been sitting unused on the computer for a few days, and ultimately I never ran this installer; instead deleting it several minutes after the Malwarebytes scan session. If anyone knows about these, either the PUP... or HeliosPaint.exe, I am interested to know the details. Like I said, google search showed me nothing informative.

BC AdBot (Login to Remove)

A Potentially Unwanted Program (PUP) is a very broad threat category which can encompass any number of different programs to include those which are benign as well as malicious. They may also be defined somewhat differently by various security vendors.

Some programs falling into the PUP category have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files (compressed, packed) that appear suspicious or which can potentially be used for malicious purposes. Compressed and packed files in particular are often flagged as suspicious by security software because they have difficulty reading what is inside them. Other legitimate files which may be obfuscated, encrypted or password protected in order to conceal itself so they do not allow access for scanning but often trigger alerts by anti-virus software.

This type of detection does not necessarily mean the file is malware or a bad program. It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security program's heuristic analysis engine. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them. Since these detections do not necessarily mean the file is malware or a bad program, in some cases the detection may be a "false positive".

Usually, if you installed or recognize the program, then you can ignore the detection. If not or you downloaded it from an untrusted site, then you need to investigate further.

According to SystemExplorer.net, HeliosPaint.exe is a file related to HeliosPaint by Helios 101 Software Solutions Ltd. and is available for download from such hosting sites as Download.cnet.com, Downloads.zdnet

Keep in mind that all scanning tools are susceptible to false positive detections from time to time, especially if the scanner uses heuristic analysis technology. Heuristics is the ability of a scanning program to detect possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop if before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected.

If you still had the file, you could get a second opinion by submitting it to one of the following online services that analyzes suspicious files:

In the "File to Scan" (Upload or Submit) box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis. If you get a message saying "File has already been analyzed", click Reanalyze or Scan again.

Adware, or advertising-supported software, is any software package which automatically renders advertisements. These advertisements can be in the form of a pop-up.[1] They may also be in the user interface of the software or on a screen presented to the user during the installation process. The object of the Adware is to generate revenue for its author. Adware, by itself, is harmless; however, some adware may come with integrated spyware such as keyloggers and other privacy-invasive software.